Moderate severity · NVD Advisory · Published Sep 14, 2023 · Updated Sep 26, 2024
Vault's Transit Secrets Engine Allowed Nonce Specified without Convergent Encryption
CVE-2023-4680
Description
HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using the transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.
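As an added illustration of the patched behaviour (constructed example, not Vault's own keysutil code), the Go helper below applies the nonce rule the fix enforces: a caller-supplied nonce is rejected unless the key uses convergent encryption, where the nonce is instead derived from context and plaintext (a simplified HMAC derivation assumed here, not Vault's exact one); non-convergent keys always draw a fresh random nonce.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// ErrNonceNotAllowed mirrors the patched rule: a caller-supplied nonce is
// honoured only when the key has convergent encryption enabled.
var ErrNonceNotAllowed = errors.New("transit: nonce may only be supplied with convergent encryption")

// TransitKey is a constructed stand-in for one transit key (not Vault's keysutil).
type TransitKey struct {
	Key        []byte // 32-byte AES-256 key
	Convergent bool   // convergent encryption enabled for this key
}

// Encrypt returns nonce||ciphertext. Convergent keys derive the nonce from
// context+plaintext (simplified HMAC derivation, not Vault's exact one); other
// keys get a fresh random nonce and reject a supplied one, since a repeated GCM
// nonce under one key breaks confidentiality and exposes the auth subkey.
func (k *TransitKey) Encrypt(plaintext, context, userNonce []byte) ([]byte, error) {
	block, err := aes.NewCipher(k.Key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	var nonce []byte
	switch {
	case k.Convergent:
		mac := hmac.New(sha256.New, context)
		mac.Write(plaintext)
		nonce = mac.Sum(nil)[:aead.NonceSize()]
	case len(userNonce) != 0:
		return nil, ErrNonceNotAllowed // the vulnerable versions accepted this
	default:
		nonce = make([]byte, aead.NonceSize())
		if _, err := rand.Read(nonce); err != nil {
			return nil, err
		}
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}
```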
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/hashicorp/vault (Go) | >= 1.6.0, < 1.12.11 | 1.12.11 |
| github.com/hashicorp/vault (Go) | >= 1.13.0, < 1.13.7 | 1.13.7 |
| github.com/hashicorp/vault (Go) | >= 1.14.0, < 1.14.3 | 1.14.3 |
Affected products
8 package URLs (OSV coordinates), none with a CPE:
- pkg:apk/chainguard/vault-1.13 (no CPE), range: < 1.13.7-r0
- pkg:apk/chainguard/vault-1.13-compat (no CPE), range: < 1.13.7-r0
- pkg:apk/chainguard/vault-1.13-entrypoint (no CPE), range: < 1.13.7-r0
- pkg:apk/wolfi/vault-1.13 (no CPE), range: < 1.13.7-r0
- pkg:apk/wolfi/vault-1.13-compat (no CPE), range: < 1.13.7-r0
- pkg:apk/wolfi/vault-1.13-entrypoint (no CPE), range: < 1.13.7-r0
- pkg:bitnami/vault (no CPE), range: >= 1.6.0, < 1.12.11
- pkg:golang/github.com/hashicorp/vault (no CPE), range: >= 1.6.0, < 1.12.11
- Range: 1.14.0